Vulnerabilities > CVE-2010-3154 - Unspecified vulnerability in Adobe Extension Manager CS5 5.0.298

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

adobe

critical

exploit available

NVD

Published: 2010-08-27

Updated: 2010-08-30

Summary

Untrusted search path vulnerability in Adobe Extension Manager CS5 5.0.298 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .mxi or .mxp file.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Extension Manager CS5 5.0.298	1

Exploit-Db

description	Adobe Extension Manager CS5 v5.0.298 DLL Hijacking Exploit (dwmapi.dll). CVE-2010-3154. Local exploit for windows platform
file	exploits/windows/local/14784.c
id	EDB-ID:14784
last seen	2016-02-01
modified	2010-08-25
platform	windows
port
published	2010-08-25
reporter	LiquidWorm
source	https://www.exploit-db.com/download/14784/
title	Adobe Extension Manager CS5 5.0.298 - DLL Hijacking Exploit dwmapi.dll
type	local

References

http://www.exploit-db.com/exploits/14784/